Which of the following is the BEST approach to perform risk mitigation of user access control rights?
A.
Conduct surveys and rank the results.
B.
Perform routine user permission reviews.
C.
Implement periodic vulnerability scanning.
D.
Disable user accounts that have not been used within the last two weeks.